1 files changed, 113 insertions, 97 deletions
diff --git a/security/seclvl.c b/security/seclvl.c
index 8529ea6f7aa8..441beaf1bbc1 100644
--- a/security/seclvl.c
+++ b/security/seclvl.c
@@ -8,6 +8,7 @@
 * Copyright (c) 2001 WireX Communications, Inc <chris@wirex.com>
 * Copyright (c) 2001 Greg Kroah-Hartman <greg@kroah.com>
 * Copyright (c) 2002 International Business Machines <robb@austin.ibm.com>
+ * Copyright (c) 2006 Davi E. M. Arnaut <davi.arnaut@gmail.com>
 *
 *      This program is free software; you can redistribute it and/or modify
 *      it under the terms of the GNU General Public License as published by
@@ -31,6 +32,7 @@
 #include <linux/kobject.h>
 #include <linux/crypto.h>
 #include <asm/scatterlist.h>
+#include <linux/scatterlist.h>
 #include <linux/gfp.h>
 #include <linux/sysfs.h>
@@ -194,35 +196,27 @@ static unsigned char hashedPassword[SHA1_DIGEST_SIZE];
 * people...
 */
 static int
-plaintext_to_sha1(unsigned char *hash, const char *plaintext, int len)
+plaintext_to_sha1(unsigned char *hash, const char *plaintext, unsigned int len)
 {
-        char *pgVirtAddr;
        struct crypto_tfm *tfm;
-        struct scatterlist sg[1];
+        struct scatterlist sg;
        if (len > PAGE_SIZE) {
                seclvl_printk(0, KERN_ERR, "Plaintext password too large (%d "
                              "characters).  Largest possible is %lu "
                              "bytes.\n", len, PAGE_SIZE);
-                return -ENOMEM;
+                return -EINVAL;
        }
        tfm = crypto_alloc_tfm("sha1", CRYPTO_TFM_REQ_MAY_SLEEP);
        if (tfm == NULL) {
                seclvl_printk(0, KERN_ERR,
                              "Failed to load transform for SHA1\n");
-                return -ENOSYS;
+                return -EINVAL;
        }
-        // Just get a new page; don't play around with page boundaries
+        sg_init_one(&sg, (u8 *)plaintext, len);
-        // and scatterlists.
-        pgVirtAddr = (char *)__get_free_page(GFP_KERNEL);
-        sg[0].page = virt_to_page(pgVirtAddr);
-        sg[0].offset = 0;
-        sg[0].length = len;
-        strncpy(pgVirtAddr, plaintext, len);
        crypto_digest_init(tfm);
-        crypto_digest_update(tfm, sg, 1);
+        crypto_digest_update(tfm, &sg, 1);
        crypto_digest_final(tfm, hash);
        crypto_free_tfm(tfm);
-        free_page((unsigned long)pgVirtAddr);
        return 0;
 }
@@ -234,11 +228,9 @@ static ssize_t
 passwd_write_file(struct file * file, const char __user * buf,
                                size_t count, loff_t *ppos)
 {
-        int i;
+        char *p;
-        unsigned char tmp[SHA1_DIGEST_SIZE];
-        char *page;
-        int rc;
        int len;
+        unsigned char tmp[SHA1_DIGEST_SIZE];
        if (!*passwd && !*sha1_passwd) {
                seclvl_printk(0, KERN_ERR, "Attempt to password-unlock the "
@@ -251,38 +243,39 @@ passwd_write_file(struct file * file, const char __user * buf,
                return -EINVAL;
        }
-        if (count < 0 || count >= PAGE_SIZE)
+        if (count >= PAGE_SIZE)
                return -EINVAL;
        if (*ppos != 0)
                return -EINVAL;
-        page = (char *)get_zeroed_page(GFP_KERNEL);
+        p = kmalloc(count, GFP_KERNEL);
-        if (!page)
+        if (!p)
                return -ENOMEM;
        len = -EFAULT;
-        if (copy_from_user(page, buf, count))
+        if (copy_from_user(p, buf, count))
                goto out;
        
-        len = strlen(page);
+        len = count;
        /* ``echo "secret" > seclvl/passwd'' includes a newline */
-        if (page[len - 1] == '\n')
+        if (p[len - 1] == '\n')
                len--;
        /* Hash the password, then compare the hashed values */
-        if ((rc = plaintext_to_sha1(tmp, page, len))) {
+        if ((len = plaintext_to_sha1(tmp, p, len))) {
                seclvl_printk(0, KERN_ERR, "Error hashing password: rc = "
-                              "[%d]\n", rc);
+                              "[%d]\n", len);
-                return rc;
+                goto out;
-        }
-        for (i = 0; i < SHA1_DIGEST_SIZE; i++) {
-                if (hashedPassword[i] != tmp[i])
-                        return -EPERM;
        }
+        len = -EPERM;
+        if (memcmp(hashedPassword, tmp, SHA1_DIGEST_SIZE))
+                goto out;
        seclvl_printk(0, KERN_INFO,
                      "Password accepted; seclvl reduced to 0.\n");
        seclvl = 0;
        len = count;
 out:
-        free_page((unsigned long)page);
+        kfree (p);
        return len;
 }
@@ -295,13 +288,11 @@ static struct file_operations passwd_file_ops = {
 */
 static int seclvl_ptrace(struct task_struct *parent, struct task_struct *child)
 {
-        if (seclvl >= 0) {
+        if (seclvl >= 0 && child->pid == 1) {
-                if (child->pid == 1) {
+                seclvl_printk(1, KERN_WARNING, "Attempt to ptrace "
-                        seclvl_printk(1, KERN_WARNING, "Attempt to ptrace "
+                              "the init process dissallowed in "
-                                      "the init process dissallowed in "
+                              "secure level %d\n", seclvl);
-                                      "secure level %d\n", seclvl);
+                return -EPERM;
-                        return -EPERM;
-                }
        }
        return 0;
 }
@@ -312,55 +303,54 @@ static int seclvl_ptrace(struct task_struct *parent, struct task_struct *child)
 */
 static int seclvl_capable(struct task_struct *tsk, int cap)
 {
+        int rc = 0;
        /* init can do anything it wants */
        if (tsk->pid == 1)
                return 0;
-        switch (seclvl) {
+        if (seclvl > 0) {
-        case 2:
+                rc = -EPERM;
-                /* fall through */
-        case 1:
+                if (cap == CAP_LINUX_IMMUTABLE)
-                if (cap == CAP_LINUX_IMMUTABLE) {
                        seclvl_printk(1, KERN_WARNING, "Attempt to modify "
                                      "the IMMUTABLE and/or APPEND extended "
                                      "attribute on a file with the IMMUTABLE "
                                      "and/or APPEND extended attribute set "
                                      "denied in seclvl [%d]\n", seclvl);
-                        return -EPERM;
+                else if (cap == CAP_SYS_RAWIO)
-                } else if (cap == CAP_SYS_RAWIO) {      // Somewhat broad...
                        seclvl_printk(1, KERN_WARNING, "Attempt to perform "
                                      "raw I/O while in secure level [%d] "
                                      "denied\n", seclvl);
-                        return -EPERM;
+                else if (cap == CAP_NET_ADMIN)
-                } else if (cap == CAP_NET_ADMIN) {
                        seclvl_printk(1, KERN_WARNING, "Attempt to perform "
                                      "network administrative task while "
                                      "in secure level [%d] denied\n", seclvl);
-                        return -EPERM;
+                else if (cap == CAP_SETUID)
-                } else if (cap == CAP_SETUID) {
                        seclvl_printk(1, KERN_WARNING, "Attempt to setuid "
                                      "while in secure level [%d] denied\n",
                                      seclvl);
-                        return -EPERM;
+                else if (cap == CAP_SETGID)
-                } else if (cap == CAP_SETGID) {
                        seclvl_printk(1, KERN_WARNING, "Attempt to setgid "
                                      "while in secure level [%d] denied\n",
                                      seclvl);
-                } else if (cap == CAP_SYS_MODULE) {
+                else if (cap == CAP_SYS_MODULE)
                        seclvl_printk(1, KERN_WARNING, "Attempt to perform "
                                      "a module operation while in secure "
                                      "level [%d] denied\n", seclvl);
-                        return -EPERM;
+                else
-                }
+                        rc = 0;
-                break;
-        default:
-                break;
        }
-        /* from dummy.c */
-        if (cap_is_fs_cap(cap) ? tsk->fsuid == 0 : tsk->euid == 0)
+        if (!rc) {
-                return 0;       /* capability granted */
+                if (!(cap_is_fs_cap(cap) ? tsk->fsuid == 0 : tsk->euid == 0))
-        seclvl_printk(1, KERN_WARNING, "Capability denied\n");
+                        rc = -EPERM;
-        return -EPERM;          /* capability denied */
+        }
+        if (rc)
+                seclvl_printk(1, KERN_WARNING, "Capability denied\n");
+        return rc;
 }
 /**
@@ -466,12 +456,9 @@ static int seclvl_inode_setattr(struct dentry *dentry, struct iattr *iattr)
 static void seclvl_file_free_security(struct file *filp)
 {
        struct dentry *dentry = filp->f_dentry;
-        struct inode *inode = NULL;
-        if (dentry) {
+        if (dentry)
-                inode = dentry->d_inode;
+                seclvl_bd_release(dentry->d_inode);
-                seclvl_bd_release(inode);
-        }
 }
 /**
@@ -479,9 +466,7 @@ static void seclvl_file_free_security(struct file *filp)
 */
 static int seclvl_umount(struct vfsmount *mnt, int flags)
 {
-        if (current->pid == 1)
+        if (current->pid != 1 && seclvl == 2) {
-                return 0;
-        if (seclvl == 2) {
                seclvl_printk(1, KERN_WARNING, "Attempt to unmount in secure "
                              "level %d\n", seclvl);
                return -EPERM;
@@ -505,8 +490,9 @@ static struct security_operations seclvl_ops = {
 static int processPassword(void)
 {
        int rc = 0;
-        hashedPassword[0] = '\0';
        if (*passwd) {
+                char *p;
                if (*sha1_passwd) {
                        seclvl_printk(0, KERN_ERR, "Error: Both "
                                      "passwd and sha1_passwd "
@@ -514,12 +500,16 @@ static int processPassword(void)
                                      "exclusive.\n");
                        return -EINVAL;
                }
-                if ((rc = plaintext_to_sha1(hashedPassword, passwd,
-                                            strlen(passwd)))) {
+                p = kstrdup(passwd, GFP_KERNEL);
+                if (p == NULL)
+                        return -ENOMEM;
+                if ((rc = plaintext_to_sha1(hashedPassword, p, strlen(p))))
                        seclvl_printk(0, KERN_ERR, "Error: SHA1 support not "
                                      "in kernel\n");
-                        return rc;
-                }
+                kfree (p);
                /* All static data goes to the BSS, which zero's the
                 * plaintext password out for us. */
        } else if (*sha1_passwd) {      // Base 16
@@ -542,7 +532,7 @@ static int processPassword(void)
                        sha1_passwd[i + 2] = tmp;
                }
        }
-        return 0;
+        return rc;
 }
 /**
@@ -552,28 +542,46 @@ struct dentry *dir_ino, *seclvl_ino, *passwd_ino;
 static int seclvlfs_register(void)
 {
+        int rc = 0;
        dir_ino = securityfs_create_dir("seclvl", NULL);
-        if (!dir_ino)
-                return -EFAULT;
+        if (IS_ERR(dir_ino))
+                return PTR_ERR(dir_ino);
        seclvl_ino = securityfs_create_file("seclvl", S_IRUGO | S_IWUSR,
                                dir_ino, &seclvl, &seclvl_file_ops);
-        if (!seclvl_ino)
+        if (IS_ERR(seclvl_ino)) {
+                rc = PTR_ERR(seclvl_ino);
                goto out_deldir;
+        }
        if (*passwd || *sha1_passwd) {
                passwd_ino = securityfs_create_file("passwd", S_IRUGO | S_IWUSR,
                                dir_ino, NULL, &passwd_file_ops);
-                if (!passwd_ino)
+                if (IS_ERR(passwd_ino)) {
+                        rc = PTR_ERR(passwd_ino);
                        goto out_delf;
+                }
        }
-        return 0;
+        return rc;
+out_delf:
+        securityfs_remove(seclvl_ino);
 out_deldir:
        securityfs_remove(dir_ino);
-out_delf:
+        return rc;
+}
+static void seclvlfs_unregister(void)
+{
        securityfs_remove(seclvl_ino);
-        return -EFAULT;
+        if (*passwd || *sha1_passwd)
+                securityfs_remove(passwd_ino);
+        securityfs_remove(dir_ino);
 }
 /**
@@ -582,6 +590,8 @@ out_delf:
 static int __init seclvl_init(void)
 {
        int rc = 0;
+        static char once;
        if (verbosity < 0 || verbosity > 1) {
                printk(KERN_ERR "Error: bad verbosity [%d]; only 0 or 1 "
                       "are valid values\n", verbosity);
@@ -600,6 +610,11 @@ static int __init seclvl_init(void)
                              "module parameter(s): rc = [%d]\n", rc);
                goto exit;
        }
+        if ((rc = seclvlfs_register())) {
+                seclvl_printk(0, KERN_ERR, "Error registering with sysfs\n");
+                goto exit;
+        }
        /* register ourselves with the security framework */
        if (register_security(&seclvl_ops)) {
                seclvl_printk(0, KERN_ERR,
@@ -611,20 +626,24 @@ static int __init seclvl_init(void)
                        seclvl_printk(0, KERN_ERR, "seclvl: Failure "
                                      "registering with primary security "
                                      "module.\n");
+                        seclvlfs_unregister();
                        goto exit;
                }               /* if primary module registered */
                secondary = 1;
        }                       /* if we registered ourselves with the security framework */
-        if ((rc = seclvlfs_register())) {
-                seclvl_printk(0, KERN_ERR, "Error registering with sysfs\n");
-                goto exit;
-        }
        seclvl_printk(0, KERN_INFO, "seclvl: Successfully initialized.\n");
+        if (once) {
+                once = 1;
+                seclvl_printk(0, KERN_INFO, "seclvl is going away. It has been "
+                                "buggy for ages. Also, be warned that "
+                                "Securelevels are useless.");
+        }
 exit:
-        if (rc) {
+        if (rc)
                printk(KERN_ERR "seclvl: Error during initialization: rc = "
                       "[%d]\n", rc);
-        }
        return rc;
 }
@@ -633,17 +652,14 @@ static int __init seclvl_init(void)
 */
 static void __exit seclvl_exit(void)
 {
-        securityfs_remove(seclvl_ino);
+        seclvlfs_unregister();
-        if (*passwd || *sha1_passwd)
-                securityfs_remove(passwd_ino);
+        if (secondary)
-        securityfs_remove(dir_ino);
-        if (secondary == 1) {
                mod_unreg_security(MY_NAME, &seclvl_ops);
-        } else if (unregister_security(&seclvl_ops)) {
+        else if (unregister_security(&seclvl_ops))
                seclvl_printk(0, KERN_INFO,
                              "seclvl: Failure unregistering with the "
                              "kernel\n");
-        }
 }
 module_init(seclvl_init);

diff --git a/security/seclvl.c b/security/seclvl.c index 8529ea6f7aa8..441beaf1bbc1 100644 --- a/security/seclvl.c +++ b/security/seclvl.c
@@ -8,6 +8,7 @@
8	* Copyright (c) 2001 WireX Communications, Inc <chris@wirex.com>	8	* Copyright (c) 2001 WireX Communications, Inc <chris@wirex.com>
9	* Copyright (c) 2001 Greg Kroah-Hartman <greg@kroah.com>	9	* Copyright (c) 2001 Greg Kroah-Hartman <greg@kroah.com>
10	* Copyright (c) 2002 International Business Machines <robb@austin.ibm.com>	10	* Copyright (c) 2002 International Business Machines <robb@austin.ibm.com>
		11	* Copyright (c) 2006 Davi E. M. Arnaut <davi.arnaut@gmail.com>
11	*	12	*
12	* This program is free software; you can redistribute it and/or modify	13	* This program is free software; you can redistribute it and/or modify
13	* it under the terms of the GNU General Public License as published by	14	* it under the terms of the GNU General Public License as published by
@@ -31,6 +32,7 @@
31	#include <linux/kobject.h>	32	#include <linux/kobject.h>
32	#include <linux/crypto.h>	33	#include <linux/crypto.h>
33	#include <asm/scatterlist.h>	34	#include <asm/scatterlist.h>
		35	#include <linux/scatterlist.h>
34	#include <linux/gfp.h>	36	#include <linux/gfp.h>
35	#include <linux/sysfs.h>	37	#include <linux/sysfs.h>
36		38
@@ -194,35 +196,27 @@ static unsigned char hashedPassword[SHA1_DIGEST_SIZE];
194	* people...	196	* people...
195	*/	197	*/
196	static int	198	static int
197	plaintext_to_sha1(unsigned char hash, const char plaintext, int len)	199	plaintext_to_sha1(unsigned char hash, const char plaintext, unsigned int len)
198	{	200	{
199	char *pgVirtAddr;
200	struct crypto_tfm *tfm;	201	struct crypto_tfm *tfm;
201	struct scatterlist sg[1];	202	struct scatterlist sg;
202	if (len > PAGE_SIZE) {	203	if (len > PAGE_SIZE) {
203	seclvl_printk(0, KERN_ERR, "Plaintext password too large (%d "	204	seclvl_printk(0, KERN_ERR, "Plaintext password too large (%d "
204	"characters). Largest possible is %lu "	205	"characters). Largest possible is %lu "
205	"bytes.\n", len, PAGE_SIZE);	206	"bytes.\n", len, PAGE_SIZE);
206	return -ENOMEM;	207	return -EINVAL;
207	}	208	}
208	tfm = crypto_alloc_tfm("sha1", CRYPTO_TFM_REQ_MAY_SLEEP);	209	tfm = crypto_alloc_tfm("sha1", CRYPTO_TFM_REQ_MAY_SLEEP);
209	if (tfm == NULL) {	210	if (tfm == NULL) {
210	seclvl_printk(0, KERN_ERR,	211	seclvl_printk(0, KERN_ERR,
211	"Failed to load transform for SHA1\n");	212	"Failed to load transform for SHA1\n");
212	return -ENOSYS;	213	return -EINVAL;
213	}	214	}
214	// Just get a new page; don't play around with page boundaries	215	sg_init_one(&sg, (u8 *)plaintext, len);
215	// and scatterlists.
216	pgVirtAddr = (char *)__get_free_page(GFP_KERNEL);
217	sg[0].page = virt_to_page(pgVirtAddr);
218	sg[0].offset = 0;
219	sg[0].length = len;
220	strncpy(pgVirtAddr, plaintext, len);
221	crypto_digest_init(tfm);	216	crypto_digest_init(tfm);
222	crypto_digest_update(tfm, sg, 1);	217	crypto_digest_update(tfm, &sg, 1);
223	crypto_digest_final(tfm, hash);	218	crypto_digest_final(tfm, hash);
224	crypto_free_tfm(tfm);	219	crypto_free_tfm(tfm);
225	free_page((unsigned long)pgVirtAddr);
226	return 0;	220	return 0;
227	}	221	}
228		222
@@ -234,11 +228,9 @@ static ssize_t
234	passwd_write_file(struct file * file, const char __user * buf,	228	passwd_write_file(struct file * file, const char __user * buf,
235	size_t count, loff_t *ppos)	229	size_t count, loff_t *ppos)
236	{	230	{
237	int i;	231	char *p;
238	unsigned char tmp[SHA1_DIGEST_SIZE];
239	char *page;
240	int rc;
241	int len;	232	int len;
		233	unsigned char tmp[SHA1_DIGEST_SIZE];
242		234
243	if (!passwd && !sha1_passwd) {	235	if (!passwd && !sha1_passwd) {
244	seclvl_printk(0, KERN_ERR, "Attempt to password-unlock the "	236	seclvl_printk(0, KERN_ERR, "Attempt to password-unlock the "
@@ -251,38 +243,39 @@ passwd_write_file(struct file * file, const char __user * buf,
251	return -EINVAL;	243	return -EINVAL;
252	}	244	}
253		245
254	if (count < 0 \|\| count >= PAGE_SIZE)	246	if (count >= PAGE_SIZE)
255	return -EINVAL;	247	return -EINVAL;
256	if (*ppos != 0)	248	if (*ppos != 0)
257	return -EINVAL;	249	return -EINVAL;
258	page = (char *)get_zeroed_page(GFP_KERNEL);	250	p = kmalloc(count, GFP_KERNEL);
259	if (!page)	251	if (!p)
260	return -ENOMEM;	252	return -ENOMEM;
261	len = -EFAULT;	253	len = -EFAULT;
262	if (copy_from_user(page, buf, count))	254	if (copy_from_user(p, buf, count))
263	goto out;	255	goto out;
264		256
265	len = strlen(page);	257	len = count;
266	/* ``echo "secret" > seclvl/passwd'' includes a newline */	258	/* ``echo "secret" > seclvl/passwd'' includes a newline */
267	if (page[len - 1] == '\n')	259	if (p[len - 1] == '\n')
268	len--;	260	len--;
269	/* Hash the password, then compare the hashed values */	261	/* Hash the password, then compare the hashed values */
270	if ((rc = plaintext_to_sha1(tmp, page, len))) {	262	if ((len = plaintext_to_sha1(tmp, p, len))) {
271	seclvl_printk(0, KERN_ERR, "Error hashing password: rc = "	263	seclvl_printk(0, KERN_ERR, "Error hashing password: rc = "
272	"[%d]\n", rc);	264	"[%d]\n", len);
273	return rc;	265	goto out;
274	}
275	for (i = 0; i < SHA1_DIGEST_SIZE; i++) {
276	if (hashedPassword[i] != tmp[i])
277	return -EPERM;
278	}	266	}
		267
		268	len = -EPERM;
		269	if (memcmp(hashedPassword, tmp, SHA1_DIGEST_SIZE))
		270	goto out;
		271
279	seclvl_printk(0, KERN_INFO,	272	seclvl_printk(0, KERN_INFO,
280	"Password accepted; seclvl reduced to 0.\n");	273	"Password accepted; seclvl reduced to 0.\n");
281	seclvl = 0;	274	seclvl = 0;
282	len = count;	275	len = count;
283		276
284	out:	277	out:
285	free_page((unsigned long)page);	278	kfree (p);
286	return len;	279	return len;
287	}	280	}
288		281
@@ -295,13 +288,11 @@ static struct file_operations passwd_file_ops = {
295	*/	288	*/
296	static int seclvl_ptrace(struct task_struct parent, struct task_struct child)	289	static int seclvl_ptrace(struct task_struct parent, struct task_struct child)
297	{	290	{
298	if (seclvl >= 0) {	291	if (seclvl >= 0 && child->pid == 1) {
299	if (child->pid == 1) {	292	seclvl_printk(1, KERN_WARNING, "Attempt to ptrace "
300	seclvl_printk(1, KERN_WARNING, "Attempt to ptrace "	293	"the init process dissallowed in "
301	"the init process dissallowed in "	294	"secure level %d\n", seclvl);
302	"secure level %d\n", seclvl);	295	return -EPERM;
303	return -EPERM;
304	}
305	}	296	}
306	return 0;	297	return 0;
307	}	298	}
@@ -312,55 +303,54 @@ static int seclvl_ptrace(struct task_struct parent, struct task_struct child)
312	*/	303	*/
313	static int seclvl_capable(struct task_struct *tsk, int cap)	304	static int seclvl_capable(struct task_struct *tsk, int cap)
314	{	305	{
		306	int rc = 0;
		307
315	/* init can do anything it wants */	308	/* init can do anything it wants */
316	if (tsk->pid == 1)	309	if (tsk->pid == 1)
317	return 0;	310	return 0;
318		311
319	switch (seclvl) {	312	if (seclvl > 0) {
320	case 2:	313	rc = -EPERM;
321	/* fall through */	314
322	case 1:	315	if (cap == CAP_LINUX_IMMUTABLE)
323	if (cap == CAP_LINUX_IMMUTABLE) {
324	seclvl_printk(1, KERN_WARNING, "Attempt to modify "	316	seclvl_printk(1, KERN_WARNING, "Attempt to modify "
325	"the IMMUTABLE and/or APPEND extended "	317	"the IMMUTABLE and/or APPEND extended "
326	"attribute on a file with the IMMUTABLE "	318	"attribute on a file with the IMMUTABLE "
327	"and/or APPEND extended attribute set "	319	"and/or APPEND extended attribute set "
328	"denied in seclvl [%d]\n", seclvl);	320	"denied in seclvl [%d]\n", seclvl);
329	return -EPERM;	321	else if (cap == CAP_SYS_RAWIO)
330	} else if (cap == CAP_SYS_RAWIO) { // Somewhat broad...
331	seclvl_printk(1, KERN_WARNING, "Attempt to perform "	322	seclvl_printk(1, KERN_WARNING, "Attempt to perform "
332	"raw I/O while in secure level [%d] "	323	"raw I/O while in secure level [%d] "
333	"denied\n", seclvl);	324	"denied\n", seclvl);
334	return -EPERM;	325	else if (cap == CAP_NET_ADMIN)
335	} else if (cap == CAP_NET_ADMIN) {
336	seclvl_printk(1, KERN_WARNING, "Attempt to perform "	326	seclvl_printk(1, KERN_WARNING, "Attempt to perform "
337	"network administrative task while "	327	"network administrative task while "
338	"in secure level [%d] denied\n", seclvl);	328	"in secure level [%d] denied\n", seclvl);
339	return -EPERM;	329	else if (cap == CAP_SETUID)
340	} else if (cap == CAP_SETUID) {
341	seclvl_printk(1, KERN_WARNING, "Attempt to setuid "	330	seclvl_printk(1, KERN_WARNING, "Attempt to setuid "
342	"while in secure level [%d] denied\n",	331	"while in secure level [%d] denied\n",
343	seclvl);	332	seclvl);
344	return -EPERM;	333	else if (cap == CAP_SETGID)
345	} else if (cap == CAP_SETGID) {
346	seclvl_printk(1, KERN_WARNING, "Attempt to setgid "	334	seclvl_printk(1, KERN_WARNING, "Attempt to setgid "
347	"while in secure level [%d] denied\n",	335	"while in secure level [%d] denied\n",
348	seclvl);	336	seclvl);
349	} else if (cap == CAP_SYS_MODULE) {	337	else if (cap == CAP_SYS_MODULE)
350	seclvl_printk(1, KERN_WARNING, "Attempt to perform "	338	seclvl_printk(1, KERN_WARNING, "Attempt to perform "
351	"a module operation while in secure "	339	"a module operation while in secure "
352	"level [%d] denied\n", seclvl);	340	"level [%d] denied\n", seclvl);
353	return -EPERM;	341	else
354	}	342	rc = 0;
355	break;
356	default:
357	break;
358	}	343	}
359	/* from dummy.c */	344
360	if (cap_is_fs_cap(cap) ? tsk->fsuid == 0 : tsk->euid == 0)	345	if (!rc) {
361	return 0; /* capability granted */	346	if (!(cap_is_fs_cap(cap) ? tsk->fsuid == 0 : tsk->euid == 0))
362	seclvl_printk(1, KERN_WARNING, "Capability denied\n");	347	rc = -EPERM;
363	return -EPERM; /* capability denied */	348	}
		349
		350	if (rc)
		351	seclvl_printk(1, KERN_WARNING, "Capability denied\n");
		352
		353	return rc;
364	}	354	}
365		355
366	/**	356	/**
@@ -466,12 +456,9 @@ static int seclvl_inode_setattr(struct dentry dentry, struct iattr iattr)
466	static void seclvl_file_free_security(struct file *filp)	456	static void seclvl_file_free_security(struct file *filp)
467	{	457	{
468	struct dentry *dentry = filp->f_dentry;	458	struct dentry *dentry = filp->f_dentry;
469	struct inode *inode = NULL;
470		459
471	if (dentry) {	460	if (dentry)
472	inode = dentry->d_inode;	461	seclvl_bd_release(dentry->d_inode);
473	seclvl_bd_release(inode);
474	}
475	}	462	}
476		463
477	/**	464	/**
@@ -479,9 +466,7 @@ static void seclvl_file_free_security(struct file *filp)
479	*/	466	*/
480	static int seclvl_umount(struct vfsmount *mnt, int flags)	467	static int seclvl_umount(struct vfsmount *mnt, int flags)
481	{	468	{
482	if (current->pid == 1)	469	if (current->pid != 1 && seclvl == 2) {
483	return 0;
484	if (seclvl == 2) {
485	seclvl_printk(1, KERN_WARNING, "Attempt to unmount in secure "	470	seclvl_printk(1, KERN_WARNING, "Attempt to unmount in secure "
486	"level %d\n", seclvl);	471	"level %d\n", seclvl);
487	return -EPERM;	472	return -EPERM;
@@ -505,8 +490,9 @@ static struct security_operations seclvl_ops = {
505	static int processPassword(void)	490	static int processPassword(void)
506	{	491	{
507	int rc = 0;	492	int rc = 0;
508	hashedPassword[0] = '\0';
509	if (*passwd) {	493	if (*passwd) {
		494	char *p;
		495
510	if (*sha1_passwd) {	496	if (*sha1_passwd) {
511	seclvl_printk(0, KERN_ERR, "Error: Both "	497	seclvl_printk(0, KERN_ERR, "Error: Both "
512	"passwd and sha1_passwd "	498	"passwd and sha1_passwd "
@@ -514,12 +500,16 @@ static int processPassword(void)
514	"exclusive.\n");	500	"exclusive.\n");
515	return -EINVAL;	501	return -EINVAL;
516	}	502	}
517	if ((rc = plaintext_to_sha1(hashedPassword, passwd,	503
518	strlen(passwd)))) {	504	p = kstrdup(passwd, GFP_KERNEL);
		505	if (p == NULL)
		506	return -ENOMEM;
		507
		508	if ((rc = plaintext_to_sha1(hashedPassword, p, strlen(p))))
519	seclvl_printk(0, KERN_ERR, "Error: SHA1 support not "	509	seclvl_printk(0, KERN_ERR, "Error: SHA1 support not "
520	"in kernel\n");	510	"in kernel\n");
521	return rc;	511
522	}	512	kfree (p);
523	/* All static data goes to the BSS, which zero's the	513	/* All static data goes to the BSS, which zero's the
524	* plaintext password out for us. */	514	* plaintext password out for us. */
525	} else if (*sha1_passwd) { // Base 16	515	} else if (*sha1_passwd) { // Base 16
@@ -542,7 +532,7 @@ static int processPassword(void)
542	sha1_passwd[i + 2] = tmp;	532	sha1_passwd[i + 2] = tmp;
543	}	533	}
544	}	534	}
545	return 0;	535	return rc;
546	}	536	}
547		537
548	/**	538	/**
@@ -552,28 +542,46 @@ struct dentry dir_ino, seclvl_ino, *passwd_ino;
552		542
553	static int seclvlfs_register(void)	543	static int seclvlfs_register(void)
554	{	544	{
		545	int rc = 0;
		546
555	dir_ino = securityfs_create_dir("seclvl", NULL);	547	dir_ino = securityfs_create_dir("seclvl", NULL);
556	if (!dir_ino)	548
557	return -EFAULT;	549	if (IS_ERR(dir_ino))
		550	return PTR_ERR(dir_ino);
558		551
559	seclvl_ino = securityfs_create_file("seclvl", S_IRUGO \| S_IWUSR,	552	seclvl_ino = securityfs_create_file("seclvl", S_IRUGO \| S_IWUSR,
560	dir_ino, &seclvl, &seclvl_file_ops);	553	dir_ino, &seclvl, &seclvl_file_ops);
561	if (!seclvl_ino)	554	if (IS_ERR(seclvl_ino)) {
		555	rc = PTR_ERR(seclvl_ino);
562	goto out_deldir;	556	goto out_deldir;
		557	}
563	if (passwd \|\| sha1_passwd) {	558	if (passwd \|\| sha1_passwd) {
564	passwd_ino = securityfs_create_file("passwd", S_IRUGO \| S_IWUSR,	559	passwd_ino = securityfs_create_file("passwd", S_IRUGO \| S_IWUSR,
565	dir_ino, NULL, &passwd_file_ops);	560	dir_ino, NULL, &passwd_file_ops);
566	if (!passwd_ino)	561	if (IS_ERR(passwd_ino)) {
		562	rc = PTR_ERR(passwd_ino);
567	goto out_delf;	563	goto out_delf;
		564	}
568	}	565	}
569	return 0;	566	return rc;
		567
		568	out_delf:
		569	securityfs_remove(seclvl_ino);
570		570
571	out_deldir:	571	out_deldir:
572	securityfs_remove(dir_ino);	572	securityfs_remove(dir_ino);
573	out_delf:	573
		574	return rc;
		575	}
		576
		577	static void seclvlfs_unregister(void)
		578	{
574	securityfs_remove(seclvl_ino);	579	securityfs_remove(seclvl_ino);
575		580
576	return -EFAULT;	581	if (passwd \|\| sha1_passwd)
		582	securityfs_remove(passwd_ino);
		583
		584	securityfs_remove(dir_ino);
577	}	585	}
578		586
579	/**	587	/**
@@ -582,6 +590,8 @@ out_delf:
582	static int __init seclvl_init(void)	590	static int __init seclvl_init(void)
583	{	591	{
584	int rc = 0;	592	int rc = 0;
		593	static char once;
		594
585	if (verbosity < 0 \|\| verbosity > 1) {	595	if (verbosity < 0 \|\| verbosity > 1) {
586	printk(KERN_ERR "Error: bad verbosity [%d]; only 0 or 1 "	596	printk(KERN_ERR "Error: bad verbosity [%d]; only 0 or 1 "
587	"are valid values\n", verbosity);	597	"are valid values\n", verbosity);
@@ -600,6 +610,11 @@ static int __init seclvl_init(void)
600	"module parameter(s): rc = [%d]\n", rc);	610	"module parameter(s): rc = [%d]\n", rc);
601	goto exit;	611	goto exit;
602	}	612	}
		613
		614	if ((rc = seclvlfs_register())) {
		615	seclvl_printk(0, KERN_ERR, "Error registering with sysfs\n");
		616	goto exit;
		617	}
603	/* register ourselves with the security framework */	618	/* register ourselves with the security framework */
604	if (register_security(&seclvl_ops)) {	619	if (register_security(&seclvl_ops)) {
605	seclvl_printk(0, KERN_ERR,	620	seclvl_printk(0, KERN_ERR,
@@ -611,20 +626,24 @@ static int __init seclvl_init(void)
611	seclvl_printk(0, KERN_ERR, "seclvl: Failure "	626	seclvl_printk(0, KERN_ERR, "seclvl: Failure "
612	"registering with primary security "	627	"registering with primary security "
613	"module.\n");	628	"module.\n");
		629	seclvlfs_unregister();
614	goto exit;	630	goto exit;
615	} /* if primary module registered */	631	} /* if primary module registered */
616	secondary = 1;	632	secondary = 1;
617	} /* if we registered ourselves with the security framework */	633	} /* if we registered ourselves with the security framework */
618	if ((rc = seclvlfs_register())) {	634
619	seclvl_printk(0, KERN_ERR, "Error registering with sysfs\n");
620	goto exit;
621	}
622	seclvl_printk(0, KERN_INFO, "seclvl: Successfully initialized.\n");	635	seclvl_printk(0, KERN_INFO, "seclvl: Successfully initialized.\n");
		636
		637	if (once) {
		638	once = 1;
		639	seclvl_printk(0, KERN_INFO, "seclvl is going away. It has been "
		640	"buggy for ages. Also, be warned that "
		641	"Securelevels are useless.");
		642	}
623	exit:	643	exit:
624	if (rc) {	644	if (rc)
625	printk(KERN_ERR "seclvl: Error during initialization: rc = "	645	printk(KERN_ERR "seclvl: Error during initialization: rc = "
626	"[%d]\n", rc);	646	"[%d]\n", rc);
627	}
628	return rc;	647	return rc;
629	}	648	}
630		649
@@ -633,17 +652,14 @@ static int __init seclvl_init(void)
633	*/	652	*/
634	static void __exit seclvl_exit(void)	653	static void __exit seclvl_exit(void)
635	{	654	{
636	securityfs_remove(seclvl_ino);	655	seclvlfs_unregister();
637	if (passwd \|\| sha1_passwd)	656
638	securityfs_remove(passwd_ino);	657	if (secondary)
639	securityfs_remove(dir_ino);
640	if (secondary == 1) {
641	mod_unreg_security(MY_NAME, &seclvl_ops);	658	mod_unreg_security(MY_NAME, &seclvl_ops);
642	} else if (unregister_security(&seclvl_ops)) {	659	else if (unregister_security(&seclvl_ops))
643	seclvl_printk(0, KERN_INFO,	660	seclvl_printk(0, KERN_INFO,
644	"seclvl: Failure unregistering with the "	661	"seclvl: Failure unregistering with the "
645	"kernel\n");	662	"kernel\n");
646	}
647	}	663	}
648		664
649	module_init(seclvl_init);	665	module_init(seclvl_init);